Security of controlled manufacturing systems in the connected factory: the case of industrial robots

Pogliani, Marcello; Quarta, Davide; Polino, Mario; Vittone, Martino; Maggi, Federico; Zanero, Stefano

doi:10.1007/s11416-019-00329-8

Cited by 26 publications

(24 citation statements)

References 10 publications

(9 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our analysis tool can detect both security-sensitive code patterns that could lead to vulnerabilities in task programs as well as malicious patterns that could lead to malware. First, using our tool we were able to confirm the path-traversal vulnerability that the authors of [18] found manually. Such vulnerability resulted in ABB removing the vulnerable application from the online repository.…”

Section: Discussionmentioning

confidence: 94%

“…However, the security impact of these primitives has not been studied yet. Our previous research [18] found a path traversal vulnerability in a real-world program: A web server written in ABB's RAPID. This vulnerability allows attackers to access (sensitive) files outside of the root directory served by the application.…”

Section: Research Challenges and Goalsmentioning

confidence: 99%

“…Example. In previous research [18], we found a real case of vulnerable application for industrial robots, which was made available through ABB's RobotApps platform 7 . The application runs as a web server providing static and dynamic pages.…”

Section: File and Configuration Handlingmentioning

confidence: 99%

“…Recent research looked into the security of industrial machinery, such as robots. In our previous research [19], we focused on the security properties of industrial robots, and in a follow-up paper [18], we mentioned how task programs are part of the attack surface, showing an example of an application written in a IRPL and vulnerable to a "path traversal" issue. Despite this, currently, there are neither security analysis tools for programs written in IRPLs, nor security mechanisms to implement resource isolation in common robotic operating systems (e.g., privilege separation).…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Detecting Insecure Code Patterns in Industrial Robot Programs

Pogliani

Maggi²,

Balduzzi³

et al. 2020

Proceedings of the 15th ACM Asia Conference on Computer and Communications Security

Self Cite

View full text Add to dashboard Cite

Industrial robots are complex and customizable machines that can be programmed with proprietary domain-specific languages. These languages provide not only movement instructions, but also access to low-level system resources such as the network or the file system. Although useful, these features can lead to taint-style vulnerabilities and can be misused to implement malware-on par with generalpurpose programming languages. In this paper, we analyze the languages of 8 leading industrial robot vendors, systematize their technical features, and discuss cases of vulnerable and malicious uses. We then describe a static source-code analyzer that we created to analyze robotic programs and discover insecure or potentially malicious code paths. We focused our proof-of-concept implementation on two popular languages, namely ABB's RAPID and KUKA's KRL. By evaluating our tool on a set of publicly available programs, we show that insecure patterns are found in real-world code; therefore, static source-code analysis is an effective security screening mechanism, for example to prevent commissioning insecure or malicious industrial task programs. Finally, we discuss remediation steps that developers and vendors can adopt to mitigate such issues. CCS Concepts • Computer systems organization → Robotics; • Security and privacy → Software security engineering;

show abstract

Section: Discussionmentioning

confidence: 94%

Section: Research Challenges and Goalsmentioning

confidence: 99%

Section: File and Configuration Handlingmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Detecting Insecure Code Patterns in Industrial Robot Programs

Pogliani

Maggi²,

Balduzzi³

et al. 2020

Proceedings of the 15th ACM Asia Conference on Computer and Communications Security

Self Cite

View full text Add to dashboard Cite

show abstract

“…Industrial robot is a highly integrated product of mechatronics. This a high value-added technical product enjoys a wide scope of application, setting a benchmark for industrial automation and Industry 4.0 [1]. In recent years, domestic industrial robots have been applied in more and more scenarios.…”

Section: Introductionmentioning

confidence: 99%

End Position Detection of Industrial Robots Based on Laser Tracker

Li¹,

Zhao²,

ChunLei³

et al. 2019

I2M

View full text Add to dashboard Cite

The end position of industrial robots cannot be measured directly. To solve the problem, this paper proposes an end position detection method for industrial robots based on laser tracker. First, the target ball was fixed onto the end flange of a six degree-of-freedom (DOF) industrial robot by the laser target. Then, the conversion between different coordinate systems was obtained through two experiments. In the first experiment, the end of the robot rotated about the axes of the robot tool coordinate system (RTCS). The second experiment is about the single-joint rotation of the robot. Based on the conversion relationship, the author computed the deviation of the end position read on the robot controller from the position that the end actually arrives at. Experimental results show that the proposed method is feasible for online detection of the end position for industrial robots. The research lays the basis for calibrating geometric parameters of industrial robots, and provides a guide on improving the positioning accuracy of industrial robots.

show abstract

Real-Time Self-defense Approach Based on Customized Netlink Connection for Industrial Linux-Based Devices

Wan

Yao

2021

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

View full text Add to dashboard Cite

With the deep integration of IT (Information Technology) and OT (Operational Technology), various Linux operating systems have been successfully applied in critical industrial devices, such as Linux-based IIoT (Industrial Internet of Things) controllers or gateways, and the vulnerabilities of these systems may become a new breakthrough for the organized and high-intensity attacks. In order to prevent malwares from corrupting or disabling industrial Linux-based devices, this paper proposes a novel real-time self-defense approach, which can be easily developed without redesigning the basic software and hardware platform. By establishing the customized Netlink connection between kernel mode and user mode, this approach can monitor all application processes, and block each new malicious application process, which cannot conform to the trusted white-listing rules. All experimental results show that the proposed approach has a comparative advantage to effectively detect and prevent the malware-related attacks, and provides a self-defense function for industrial Linux-based devices, which meets their availability due to the millisecond resolution.

show abstract

Security of controlled manufacturing systems in the connected factory: the case of industrial robots

Cited by 26 publications

References 10 publications

Detecting Insecure Code Patterns in Industrial Robot Programs

Detecting Insecure Code Patterns in Industrial Robot Programs

End Position Detection of Industrial Robots Based on Laser Tracker

Real-Time Self-defense Approach Based on Customized Netlink Connection for Industrial Linux-Based Devices

Contact Info

Product

Resources

About